/** * @group IL_Init */ public function testBasicSessionBehaviour() { global $ilUser; include_once "./Services/Authentication/classes/class.ilSession.php"; $result = ""; ilSession::_writeData("123456", "Testdata"); if (ilSession::_exists("123456")) { $result .= "exists-"; } if (ilSession::_getData("123456") == "Testdata") { $result .= "write-get-"; } $duplicate = ilSession::_duplicate("123456"); if (ilSession::_getData($duplicate) == "Testdata") { $result .= "duplicate-"; } ilSession::_destroy("123456"); if (!ilSession::_exists("123456")) { $result .= "destroy-"; } ilSession::_destroyExpiredSessions(); if (ilSession::_exists($duplicate)) { $result .= "destroyExp-"; } ilSession::_destroyByUserId($ilUser->getId()); if (!ilSession::_exists($duplicate)) { $result .= "destroyByUser-"; } $this->assertEquals("exists-write-get-duplicate-destroy-destroyExp-destroyByUser-", $result); }
/** * set session handler to db * * Used in Soap/CAS */ public static function setSessionHandler() { if (ini_get('session.save_handler') != 'user') { ini_set("session.save_handler", "user"); } require_once "Services/Authentication/classes/class.ilSessionDBHandler.php"; $db_session_handler = new ilSessionDBHandler(); if (!$db_session_handler->setSaveHandler()) { self::abortAndDie("Please turn off Safe mode OR set session.save_handler to \"user\" in your php.ini"); } // Do not accept external session ids if (!ilSession::_exists(session_id()) && !defined('IL_PHPUNIT_TEST')) { session_regenerate_id(); } }
/** * Write session data * * @param string session id * @param string session data */ static function _writeData($a_session_id, $a_data) { global $ilDB, $ilClientIniFile; if ($GLOBALS['WEB_ACCESS_WITHOUT_SESSION']) { // Prevent session data written for web access checker // when no cookie was sent (e.g. for pdf files linking others). // This would result in new session records for each request. return false; } $now = time(); // prepare session data $fields = array("user_id" => array("integer", (int) $_SESSION["AccountId"]), "expires" => array("integer", self::getExpireValue()), "data" => array("clob", $a_data), "ctime" => array("integer", $now), "type" => array("integer", (int) $_SESSION["SessionType"])); if ($ilClientIniFile->readVariable("session", "save_ip")) { $fields["remote_addr"] = array("text", $_SERVER["REMOTE_ADDR"]); } if (ilSession::_exists($a_session_id)) { $ilDB->update("usr_session", $fields, array("session_id" => array("text", $a_session_id))); } else { $fields["session_id"] = array("text", $a_session_id); $fields["createtime"] = array("integer", $now); $ilDB->insert("usr_session", $fields); // check type against session control $type = $fields["type"][1]; if (in_array($type, ilSessionControl::$session_types_controlled)) { ilSessionStatistics::createRawEntry($fields["session_id"][1], $type, $fields["createtime"][1], $fields["user_id"][1]); } } // finally delete deprecated sessions if (rand(0, 50) == 2) { // get time _before_ destroying expired sessions self::_destroyExpiredSessions(); ilSessionStatistics::aggretateRaw($now); } return true; }
function initIlias($context = "web") { global $ilDB, $ilUser, $ilLog, $ilErr, $ilClientIniFile, $ilIliasIniFile, $ilSetting, $ilias, $https, $ilObjDataCache, $ilLog, $objDefinition, $lng, $ilCtrl, $ilBrowser, $ilHelp, $ilTabs, $ilMainMenu, $rbacsystem, $ilNavigationHistory; // remove unsafe characters $this->removeUnsafeCharacters(); // error reporting // remove notices from error reporting if (version_compare(PHP_VERSION, '5.3.0', '>=')) { error_reporting(ini_get("error_reporting") & ~E_NOTICE & ~E_DEPRECATED); } else { error_reporting(ini_get('error_reporting') & ~E_NOTICE); } // include common code files $this->requireCommonIncludes(); global $ilBench; // set error handler (to do: check preconditions for error handler to work) $ilBench->start("Core", "HeaderInclude_GetErrorHandler"); $ilErr = new ilErrorHandling(); $GLOBALS['ilErr'] =& $ilErr; $ilErr->setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr, 'errorHandler')); $ilBench->stop("Core", "HeaderInclude_GetErrorHandler"); // prepare file access to work with safe mode (has been done in class ilias before) umask(0117); // set cookie params $this->setCookieParams(); // $ilIliasIniFile initialisation $this->initIliasIniFile(); // CLIENT_ID determination $this->determineClient(); // $ilAppEventHandler initialisation $this->initEventHandling(); // $ilClientIniFile initialisation $this->initClientIniFile(); // removed redirection madness the service should respond with SERVICE UNAVAILABLE // $ilDB initialisation $this->initDatabase(); // init plugin admin class include_once "Services/Component/classes/class.ilPluginAdmin.php"; $ilPluginAdmin = new ilPluginAdmin(); $GLOBALS['ilPluginAdmin'] = $ilPluginAdmin; // set session handler $this->setSessionHandler(); // $ilSetting initialisation $this->initSettings(); // $ilLog initialisation $this->initLog(); // $https initialisation require_once 'classes/class.ilHTTPS.php'; $https = new ilHTTPS(); $GLOBALS['https'] =& $https; $https->enableSecureCookies(); $https->checkPort(); if ($this->returnBeforeAuth()) { return; } $ilCtrl = new ilCtrl2(); $GLOBALS['ilCtrl'] =& $ilCtrl; // $ilAuth initialisation include_once "Services/Authentication/classes/class.ilAuthUtils.php"; ilAuthUtils::_initAuth(); global $ilAuth; $this->includePhp5Compliance(); // Do not accept external session ids if (!ilSession::_exists(session_id())) { // $_GET["PHPSESSID"] = ""; session_regenerate_id(); } // $ilias initialisation global $ilias, $ilBench; $ilBench->start("Core", "HeaderInclude_GetILIASObject"); $ilias = new ILIAS(); $GLOBALS['ilias'] =& $ilias; $ilBench->stop("Core", "HeaderInclude_GetILIASObject"); // $ilObjDataCache initialisation $ilObjDataCache = new ilObjectDataCache(); $GLOBALS['ilObjDataCache'] =& $ilObjDataCache; // workaround: load old post variables if error handler 'message' was called if (isset($_SESSION["message"]) && $_SESSION["message"]) { $_POST = $_SESSION["post_vars"]; } // put debugging functions here require_once "include/inc.debug.php"; // $objDefinition initialisation $ilBench->start("Core", "HeaderInclude_getObjectDefinitions"); $objDefinition = new ilObjectDefinition(); $GLOBALS['objDefinition'] =& $objDefinition; // $objDefinition->startParsing(); $ilBench->stop("Core", "HeaderInclude_getObjectDefinitions"); // init tree $tree = new ilTree(ROOT_FOLDER_ID); $GLOBALS['tree'] =& $tree; // $ilAccess and $rbac... initialisation $this->initAccessHandling(); // authenticate & start session PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, array($ilErr, "errorHandler")); $ilBench->start("Core", "HeaderInclude_Authentication"); //var_dump($_SESSION); ////require_once('Log.php'); ////$ilAuth->logger = Log::singleton('error_log',PEAR_LOG_TYPE_SYSTEM,'TEST'); ////$ilAuth->enableLogging = true; if (!defined("IL_PHPUNIT_TEST")) { $oldSid = session_id(); $ilAuth->start(); $newSid = session_id(); include_once 'Services/Payment/classes/class.ilPaymentShoppingCart.php'; ilPaymentShoppingCart::_migrateShoppingCart($oldSid, $newSid); } //var_dump($_SESSION); $ilias->setAuthError($ilErr->getLastError()); $ilBench->stop("Core", "HeaderInclude_Authentication"); // workaround: force login if (!empty($_GET["cmd"]) && $_GET["cmd"] == "force_login" || $this->script == "login.php") { $ilAuth->logout(); if (!isset($_GET['forceShoppingCartRedirect'])) { $_SESSION = array(); } $_SESSION["AccountId"] = ""; $ilAuth->start(); $ilias->setAuthError($ilErr->getLastError()); } // check correct setup if (!$ilias->getSetting("setup_ok")) { die("Setup is not completed. Please run setup routine again."); } // $ilUser initialisation (1) $ilBench->start("Core", "HeaderInclude_getCurrentUser"); $ilUser = new ilObjUser(); $ilias->account =& $ilUser; $GLOBALS['ilUser'] =& $ilUser; $ilBench->stop("Core", "HeaderInclude_getCurrentUser"); // $ilCtrl initialisation //$ilCtrl = new ilCtrl(); // determin current script and up-path to main directory // (sets $this->script and $this->updir) $this->determineScriptAndUpDir(); // $styleDefinition initialisation and style handling for login and co. $this->initStyle(); if (in_array($this->script, array("login.php", "register.php", "view_usr_agreement.php")) || $_GET["baseClass"] == "ilStartUpGUI") { $this->handleStyle(); } // init locale $this->initLocale(); // handle ILIAS 2 imported users: // check ilias 2 password, if authentication failed // only if AUTH_LOCAL //echo "A"; if (AUTH_CURRENT == AUTH_LOCAL && !$ilAuth->getAuth() && $this->script == "login.php" && $_POST["username"] != "") { if (ilObjUser::_lookupHasIlias2Password(ilUtil::stripSlashes($_POST["username"]))) { if (ilObjUser::_switchToIlias3Password(ilUtil::stripSlashes($_POST["username"]), ilUtil::stripSlashes($_POST["password"]))) { $ilAuth->start(); $ilias->setAuthError($ilErr->getLastError()); ilUtil::redirect("index.php"); } } } // // SUCCESSFUL AUTHENTICATION // if ($ilAuth->getStatus() == '' && $ilias->account->isCurrentUserActive() || defined("IL_PHPUNIT_TEST") && DEVMODE) { //echo "C"; exit; $ilBench->start("Core", "HeaderInclude_getCurrentUserAccountData"); //var_dump($_SESSION); // get user data $this->initUserAccount(); //var_dump($_SESSION); // differentiate account security mode require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php'; $security_settings = ilSecuritySettings::_getInstance(); if ($security_settings->getAccountSecurityMode() == ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED) { // reset counter for failed logins ilObjUser::_resetLoginAttempts($ilUser->getId()); } $ilBench->stop("Core", "HeaderInclude_getCurrentUserAccountData"); } else { if (!$ilAuth->getAuth()) { require_once 'Services/PrivacySecurity/classes/class.ilSecuritySettings.php'; // differentiate account security mode $security = ilSecuritySettings::_getInstance(); if ($security->getAccountSecurityMode() == ilSecuritySettings::ACCOUNT_SECURITY_MODE_CUSTOMIZED) { if (isset($_POST['username']) && $_POST['username'] && $ilUser->getId() == 0) { $username = ilUtil::stripSlashes($_POST['username']); $usr_id = ilObjUser::_lookupId($username); if ($usr_id != ANONYMOUS_USER_ID) { ilObjUser::_incrementLoginAttempts($usr_id); $login_attempts = ilObjUser::_getLoginAttempts($usr_id); $max_attempts = $security->getLoginMaxAttempts(); if ($login_attempts >= $max_attempts && $usr_id != SYSTEM_USER_ID && $max_attempts > 0) { ilObjUser::_setUserInactive($usr_id); } } } } } } // // SUCCESSFUL AUTHENTICATED or NON-AUTH-AREA (Login, Registration, ...) // // $lng initialisation $this->initLanguage(); // store user language in tree $GLOBALS['tree']->initLangCode(); // ### AA 03.10.29 added new LocatorGUI class ### // when locator data array does not exist, initialise if (!isset($_SESSION["locator_level"])) { $_SESSION["locator_data"] = array(); $_SESSION["locator_level"] = -1; } // initialise global ilias_locator object // ECS Tasks include_once 'Services/WebServices/ECS/classes/class.ilECSTaskScheduler.php'; $scheduler = ilECSTaskScheduler::start(); $ilBench->stop("Core", "HeaderInclude"); }